<?php

// Check for form submission:
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
	//ob_start();
	require ('../private/mysqli_connect.php'); // Connect to the db.
	
	// Define $username and $password 
	$username=$_POST['username']; 
	$password=$_POST['password']; 

	// Prevent MySQL injection
	$username = stripslashes($username);
	$password = stripslashes($password);
	$username = mysqli_real_escape_string($mysqli, $username);
	$password = mysqli_real_escape_string($mysqli, $password);
	//$sql="SELECT * FROM '$tbl_name' WHERE u_username='$username' and u_password='$password'";
	$query="SELECT * FROM  user_login WHERE  u_username='$username' AND u_pwd='$password'";
	$result= @mysqli_query($mysqli, $query);
	$numOfMatchingUsers = @mysqli_num_rows($result);
	echo "<p>Number of matching users: {$numOfMatchingUsers}</p>";
	$sleepTimeBeforeTransfer = 3;
	/* the user */
	if($result && $numOfMatchingUsers == 1) 
	{
		// TODO: transfer user
		//echo "<p>Logged in user '{$username}' successfully.</p>";
		while($row = mysqli_fetch_array($result))
		{
			//echo $row['u_username'];
		}
		sleep($sleepTimeBeforeTransfer);
		echo '<script>self.location="login_success.php?username=' . $username . '"</script>';
	}
	else
	{
		echo '<script>self.location="login_failure.php"</script>';
	}
}

function badLoginMessage($mysqli, $query, $username)
{
	echo '<p>' . mysqli_error($mysqli) . '<br /><br />Query: ' . $q . '</p>';
	echo '<p>' . "Unsuccessful in logging in user '{$username}'." .'</p>';
}

?>


<!DOCTYPE html>
<html>
<head runat="server">
	<title>
		Login
	</title>
	<link href="style.css" rel="Stylesheet" type="text/css" />
</head>

<body>
	<a name="top"></a>
	<div class="WebsiteBanner">Study Buddy</div>
	<div class="NavigationBar">
		<span id="NavigationBarLink">
			<a href="login.php">Log In</a>
		</span>
		<span id="NavigationBarLink">
			<a href="register.php">Register</a>
		</span>
	</div>
	<div class="PostContainer">	
		<div class="Post">
			<div class="PostHeader">
				Login
			</div>
			<div class="PostContent">
				<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
				<tr>
				<form name="form1" method="post" action="login.php">
					<td>
						<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
							<tr>
								<td colspan="3"><strong>Login </strong></td>
							</tr>
							<tr>
								<td width="78">Username</td>
								<td width="6"></td>
								<td width="294"><input name="username" type="text" id="username"></td>
							</tr>
							<tr>
								<td>Password</td>
								<td></td>
								<td><input name="password" type="password" id="password"></td>
							</tr>
							<tr>
								<td>&nbsp;</td>
								<td>&nbsp;</td>
								<td><input type="submit" name="Submit" value="Login"></td>
							</tr>
						</table>
					</td>
				</form>
				</tr>
				</table>
			</div>
		</div>
	</div>
	<div  id="BackToTop">
		<a href="#top">Back to Top</a>
	</div>
</body>
</html>
